If Someone Stole Your List, Would You Know?
By Ken Magill
While seeding customer lists is nothing new in direct marketing, there’s a twist on the tactic anti-spam experts use that marketers could use to their benefit, as well.
Direct-mail marketers typically put their home addresses on their lists to detect, among other things, if a firm that rented it violates a one-time-use agreement.
Some anti-spam experts have taken this technique a step further to detect list theft and marketer malfeasance.
When subscribing to new email lists, they typically will provide a unique address so only email resulting from that signup will be sent to that particular address.
This way, they can tell if a marketer sells their address to a third party, or more likely, the list has been compromised somehow.
According to a recent study conducted by Harris Interactive on behalf of SailPoint, 29 percent of U.S. workers and 23 percent of British employees said they would take customer data including contact information with them when leaving a job.
Also, 23 percent in the U.S. and 22 percent in the UK said they would take electronic files, according to Harris.
Granted, SailPoint has a vested interest in the survey’s results. The firm’s product helps companies manage and restrict access to company data.
But email-list theft happens and seeding one’s own file with a unique email address is one way to detect it as soon as the sure-to-result spam begins to arrive.
Laura Atkins, principal at email deliverability consultancy Word to the Wise, said she always provides a unique address when subscribing to a new list.
“There are a couple reasons I do it, and one reason is if an address leaks, I can turn it off,” she said. For example, she said, someone recently walked off with a well-known email service provider’s customer list.
“There were four lists I was legitimately on and I started getting the same mail to all of those tagged addresses at the same time,” Atkins said. “It was Viagra spam. They walked off with the lists and immediately sold them to bottom-of-the-barrel spammers.”
Atkins’s advice to email marketers?
“If you’re using vendors, say an ESP or a fulfillment vendor, take email addresses that belong to a domain you own and put them on the individual lists,” she said. “This way if an address leaks, you’ll start getting mail and you’ll know which vendor leaked it.”
According to Atkins, email list theft is more common than one might suspect.
“This is a very common problem and it’s happened to very big companies,” she said. “There are a couple airlines that have had their entire subscriber list leaked.”
Unfortunately, email list theft is the proverbial bell that can’t be unrung.
“Once the email address is out there, the email address is out there,” said Atkins. However, it may be possible to hold the vendor responsible for the leak, she added.
“There are legal remedies,” she said.
As for whether or not to alert subscribers that the list they’re on has been compromised, Atkins said: “I don’t necessarily recommend that, but in some cases it may be legally required.”